Gmail Verification Phishing

A new trick has been discovered in use by phishing scams, spoofing the verification mark in Gmail.

Gmail has recently introduced blue check marks to verify trusted senders, with the intention of making it easier to spot phishing emails that are pretending to be from legitimate senders.

Sending fake emails that pretend to be from someone the recipient would trust is known as phishing and remains one of the major scams used by attackers to gain access to accounts and data.

Unfortunately, it’s been reported that already there have been scam emails found that had the blue checkbox on them. Currently it’s not known how this is being done, but it means that until it’s fixed, users cannot rely on the blue check mark to identify an email as genuine.

How to Spot Phishing Emails

Some of the most common tells that an email is a scam include:

• A greeting or content that is significantly different to other correspondence.
• Unexpected urgency: scams often try to scare users into acting without due thought.
• Unusual or incorrect spelling or grammar.
• The email domain (the part after the @) isn’t quite what you’d normally see.
• Requesting sensitive information that usually isn’t asked for in emails, such as passwords or financial information.
• Getting emails from providers that you don’t use and have no reason to be contacted by.
• Unexpected requests to download files.

If unsure, see if you can look up the sender’s contact details from a source other than the email, such as their website. If you can contact the sender, you can check if they have sent you anything recently. In these cases, never rely on contact details provided by the email itself.

When we learn more, we’ll let you know. If you have any questions or concerns about determining if an email is genuine or a scam, just get in touch.